Update now! Microsoft patches its Android RDP app to fix flaw
Microsoft has added its Android Remote Desktop Protocol (RDP) app to the list of client software that needs updating to fix a security flaw first made public as part of July’s Patch Tuesday.
The flaw, tracked as CVE-2019-1108, was described as an information disclosure issue that could allow an attacker “to connect remotely to an affected system and run a specially crafted application.”
Although the rating made it sound less urgent, attackers are known to be very interested in RDP weaknesses, hence Microsoft’s caution that that exploitation was “more likely.”
The fix? To apply the relevant patch for the Windows version in question (KB4507453 in the case of Windows 10 64-bit version 1903).
In a quiet update this week, Microsoft now says the same applies to its popular Android RDP app too, which can be fixed by downloading the latest version from Google’s Play Store.
It’s the sort of issue that would be easy to overlook until the app eventually updates itself, possibly days later.